Financial organizations at risk via compromised third parties

Cyber threat intelligence specialist Lookingglass Cyber Solutions has released the results of a study on global financial institutions and the risks introduced by their partners and providers.

It makes for quite scary reading, with analysis revealing that 100 percent of the third-party networks sampled showed signs of either compromise or increased risk.

The recent Target breach is a case in point. Originally thought to be the work of an insider it now seems to have been the result of a third-party compromise.

Lookingglass found that outbound botnet traffic and malicious behavior were the most common indicators, accounting for 75 percent of the assessed sample. 25 percent of the sample showed indicators of the ZeuS Banking Trojan. General malware was also present with 25 percent having hosts attempting to communicate with Conficker sites.

A further issue is that 15 percent of third parties relied on a single internet provider leaving them vulnerable to DNS attacks. Since many of these third parties will use other suppliers for hosting and other services the risk runs further down the supply chain.

"Every week, we are hearing about a new organization reporting a major data theft, but what they aren't talking about is exactly how perpetrators are getting in. This study highlights a weakness that the industry has been very hesitant to talk about in public -- the fact that trusted third parties should not and cannot be truly trusted," says Chris Coleman, CEO of Lookingglass. "Global organizations such as financial institutions, as well as retailers and critical infrastructure organizations, must look beyond their own defensive perimeters and consider monitoring their public Internet presence to better understand their attack surface. Gaining insight into third parties is crucial to mitigating risk within the supply chain".